<?php

namespace App\Http\Middleware;

use Closure;
use Zizaco\Entrust\EntrustFacade as Entrust;
use Route,URL,Auth;

class AuthenticateAdmin
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request $request
     * @param  \Closure $next
     * @param  string|null $guard
     * @return mixed
     */
    public function handle($request, Closure $next, $guard = null)
    {
        $isAdmin = $request->session()->get('isAdmin', false);
        if($isAdmin){
            return $next($request);
        }
        if(Auth::user()->id === 1){
            return $next($request);
        }
        //$previousUrl = URL::previous();
        //Route::currentRouteName();

       //$uri=$request->getRequestUri();
       //$uri=$request->path();
       //$request->getRequestUri()
        if(!Auth::user()->can($request->path())) {
            if($request->ajax() && ($request->getMethod() != 'GET')) {
                return response()->json([
                    'code' => 403,
                    'message' => '您没有权限执行此操作'
                ]);
            } else {
                 abort(403,'对不起！您没有权限访问该页面！');
              /*  return response()->view('admin.errors.403', compact('previousUrl'));*/
            }
        }
        return $next($request);
    }
}
